How to use preferred keyservers
David Shaw
dshaw at jabberwocky.com
Tue Jun 1 17:33:22 CEST 2004
On Mon, May 31, 2004 at 07:28:16PM +0200, Malte Gell wrote:
> On Monday 31 May 2004 03:38, David Shaw wrote:
> > So now that 1.3.6 is out and people are playing with it, here's some
> > info on preferred keyservers. There are actually two uses for
> > preferred keyservers, but I'll cover the second use in a later mail.
> > Remember that preferred keyservers is a new feature in 1.3.6. It
> > does not exist in 1.2.x.
> >
> > The main idea behind preferred keyservers is that the key owner is
> > often the best person to decide how their key is distributed. They
> > thus set a preferred keyserver on the key, and anyone who wants to
> > refresh the key can get it from there automatically. Obviously,
> > since the preferred keyserver lives on the key itself, it doesn't
> > help anyone get the key for the first time (it's a
> > chicken-and-the-egg problem).
>
> This is really a nice feature, but can't it be expanded to fetching a
> key for the first time? With something like
> "gpg --keyserver http://homepage.foo/key.asc --recv-key 0x123456" ?
You can actually do that now, but it's more of a side-effect of how
keyservers are implemented than a feature. The key ID isn't
significant (it can be anything), but it has to be present. Don't
rely on this though. It's not a feature.
I may allow for "gpg --recv-key http://foo" in a future version.
> I just saw that --list-options show-keyserver-urls works only
> together with --list-sigs, is this correct? Why not show such things
> as well with --list-key if someone only wants to see such
> information and not the whole list of signatures? IIRC the same
> applies as well to things like show-policy-url or notations which
> need --list-sigs and don't work with --list-key.
All of those items (keyserver URLs, policy URLs, notations) are
actually located on signatures.
David
More information about the Gnupg-devel
mailing list